Fantastic thing about the Beast: Why the Pandemic and Cybersecurity May Truly Enhance IT Procurement and Collaboration

For over a decade, IT managers have listed cybersecurity as their primary concern. Each the CompTIA Public Expertise Institute (PTI) and the Nationwide Affiliation of State Data Officers (NASCIO) have been monitoring key developments in IT administration, coverage, governance, and operational points regarding state and native authorities. Solely just lately has “procurement” entered the area of the highest 10 points, and the time has come. In recent times, I’ve had the pleasure of talking earlier than a number of occasions about procurement officers, in addition to a buying co-operative. What I’ve realized from these experiences is that buying managers have a real want to study extra concerning the IT enterprise. Equally, IT managers have described their relationship with procurement as considerably combined, usually blaming outdated procedures, not people. Each side expressed the necessity for better understanding and cooperation. As everyone knows, IT is kind of specialised, and other than laptops and associated tools, the remaining is much from being labeled a “staple article”.

The pandemic (the beast) might have been the vital and significant catalyst for change. By no means within the historical past of public administration has metropolis and county IT assist needed to transfer to a distant workforce whereas nonetheless serving residents in such a brief house of time. The principles have been bypassed to make the large shift to distant work doable. Lots of of 1000’s of laptops, displays, cameras and headphones needed to be acquired in report time. Much less apparent was the huge procurement of VPNs, collaboration software program, and cybersecurity monitoring gadgets. The pandemic has compelled everybody to function and transfer in methods and speeds not thought of doable. The pandemic compelled native governments to hurry up authorities digitization plans. A lot of what was thought of non permanent has now largely been stored and may be very more likely to stay right here.

As increasingly authorities staff have been compelled to work remotely, cybercriminals have sought (usually efficiently) to reap the benefits of the brand new distant workforce panorama. Not solely have ransomware assaults elevated, however we additionally realized of a brand new kind of assault known as a “provide chain” assault through which a cybercriminal would hack right into a vendor’s buyer database in order that when updates have been despatched, even malicious malware.

The 2022 CompTIA Public Expertise Institute (PTI) State of Metropolis and County IT Nationwide Survey noticed procurement enter its high 10 for the primary time; mentioning the necessity to “streamline procurement processes”. In comparison with the opposite priorities within the annual survey, there’s a nice want for buying choices that transcend cybersecurity, resembling modernizing IT, integrating methods, growing digital providers for residents, and in the end, the migration of methods / functions to the cloud. Whereas NASCIO’s high 10 annual CIO priorities don’t straight level to procurement, procurement is talked about of their fourth precedence in Cloud Companies: “cloud technique; collection of service and deployment fashions; scalable and elastic providers; authorities; service administration; safety; privateness; Procurement. “

Over time, cloud providers have grown each by way of performance and definition itself. At this time, a rising variety of state and native governments are shifting increasingly operations to cloud and managed service suppliers. Likewise for IT and procurement managers, it’s usually tough to judge the providers provided by these distributors. The federal procurement market can depend on FedRamp for cloud security-related insurance coverage via provider certifications. Till just lately, state and native governments have been excluded from the method when tons of of 1000’s of small regional and native service suppliers didn’t qualify beneath FedRamp laws. New to the scene is StateRamp, a nonprofit group whose mission is to offer certifications for such native gamers. As StateRamp evolves, state and native governments could have an indispensable software to raised entry their buying choices in relation to cloud and managed providers with a give attention to cybersecurity.

Along with the immediacy of the issue, the Cybersecurity and Infrastructure Safety Company (CISA) just lately issued a worldwide and nationwide warning aimed toward defending managed service suppliers and clients, usually state and native governments. Among the many 5 suggestions is “Understanding and proactively managing provide chain danger between safety, authorized and provide teams, utilizing danger assessments to determine and prioritize useful resource allocation.”

Current occasions have induced an enormous shift in the way in which we use, buy and handle info know-how. The checklist of extra buy choices that must be made concerning the acquisition of IT tools and methods, each {hardware} and software program choices, will must be seen throughout varied aims resembling authorized, cyber, financing, danger evaluation, compatibility, assist and coaching, to call just some. The pandemic, coupled with rising cybersecurity necessities, has created a brand new path the place procurement has developed right into a staff sport, leading to stronger info know-how for all state and native governments specifically. and making the method safer and simpler. And that is the great thing about this bestial pandemic.

Dr. Alan R. Shark has been vice chairman of public sector and govt director of the CompTIA Public Expertise Institute (PTI) in Washington, DC since 2004. He’s a member of the Nationwide Academy for Public Administration and chair of the Standing Panel on Expertise Management. He’s an affiliate professor for the Schar College of Coverage and Authorities, George Mason College, and is a course developer / teacher at Rutgers College Heart for Authorities Companies. Dr. Shark’s thought management actions embody keynote speech, weblog, and biweekly podcast Sharkbyte. He’s additionally the creator or co-author of over 12 books, together with the nationally acknowledged textbook “Expertise and Public Administration” and “CIO Management for Cities and Counties”.

This text initially appeared within the June 2022 situation of Authorities prosecutor.

Leave a Comment

A note to our visitors

This website has updated its privacy policy in compliance with changes to European Union data protection law, for all members globally. We’ve also updated our Privacy Policy to give you more information about your rights and responsibilities with respect to your privacy and personal information. Please read this to review the updates about which cookies we use and what information we collect on our site. By continuing to use this site, you are agreeing to our updated privacy policy.